CVE-2017-11474

NameCVE-2017-11474
DescriptionGLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
glpisource(unstable)(unfixed)unimportant

Notes

Only supported behind an authenticated HTTP zone

Search for package or bug name: Reporting problems